Achieving key agreement in wireless sensor networks (WSN) is a very hard problem. Many key agreement schemes come with a shortage of considering sensor addition, revocation, and also rekeying. This paper proposes a key distribution protocol based on the public key cryptography, RSA, and DHECC. The proposed protocol does not trust individual sensors, and partially trust the Gateway. Our protocol establishes pair-wise keys between nodes according to a specific routing algorithm after deployment, instead of loading full pair-wise keys into each node. So each node doesn't have to share a key with all neighbors except those involved in the routing path with it, which is the key role of increasing the resiliency, against node capturing, and also the storage efficiency. The proposed scheme comes to circumvent the shortage of providing the rekeying property of nodes and also nodes addition and revocation, comes with previous algorithms. We evaluate our algorithm from the WSN security view point.